Lackluster SSL configuration documentation

The section Configuring Stardog to use SSL lacks information and some of the included information and configuration options are confusing.

These are (imo) the main issues:

  1. There is no word on which port is configured as default (which as of version 5.2.2 is 5821).
  2. The stardog-admin tool states (with the help command): "--port <port> Specify the port the server will bind to." If only --enable-ssl is given, which port is configured? The HTTP or HTTPS one? What about when --require-ssl is given? 2 different parameters (--port and --ssl-port) should be used instead, as this provides full configuration flexibility and less documentation confusion.

Apologies for this, the documentation could indeed be clearer. The general rule is this: If --enable-ssl is used, the SSL port defaults to (HTTP Port + 1). If --require-ssl is used, then the SSL port is simply the default port.

Examples:

  1. Default is 5820, --enable-ssl -> SSL port is 5821
  2. Default is 5820, --require-ssl -> SSL port is 5820
  3. --port 8888 --enable-ssl -> SSL port is 8889

We can look into a separate CLI flag for specifying the SSL port explicitly.
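
The port rule from the reply above, turned into a check that a running server exposes the listeners its flags imply. This is an added example, not part of the thread and not Stardog's own code; the function names are hypothetical, and it assumes plain HTTP stays on the base port under --enable-ssl and that no plaintext listener exists under --require-ssl.

```python
import socket
import ssl

def expected_listeners(port=5820, enable_ssl=False, require_ssl=False):
    """Map port -> protocol according to the rule stated in the thread."""
    if require_ssl:                      # SSL takes over the base port
        return {port: "tls"}
    if enable_ssl:                       # assumption: HTTP stays on the base port
        return {port: "plaintext", port + 1: "tls"}
    return {port: "plaintext"}

def probe(host, port, timeout=2.0):
    """Classify a port as 'closed', 'tls', or 'plaintext' (open, no TLS)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"
    ctx = ssl.create_default_context()
    ctx.check_hostname = False           # classification only: nothing is
    ctx.verify_mode = ssl.CERT_NONE      # trusted or sent over this session
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "tls"
    except OSError:                      # ssl.SSLError and timeouts are OSErrors
        return "plaintext"
    finally:
        sock.close()

def audit(host, port=5820, enable_ssl=False, require_ssl=False, probe_fn=probe):
    """Return (port, expected, observed) for every listener that deviates."""
    expected = expected_listeners(port, enable_ssl, require_ssl)
    findings = []
    for p, want in sorted(expected.items()):
        got = probe_fn(host, p)
        if got != want:
            findings.append((p, want, got))
    return findings

if __name__ == "__main__":
    # The three cases listed in the reply; no network access needed here.
    for args in [(5820, True, False), (5820, False, True), (8888, True, False)]:
        print(args, expected_listeners(*args))
```

An empty list from `audit` means every expected listener answered with the expected protocol; a `(port, "tls", "plaintext")` entry means a port that should require TLS accepted a connection without it.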

Hi Stephen!

Thank you for the clarification! No problem, I hope this information lands in the docu for the next release :wink:

I still don’t quite get why this unnecessary complexity. Both ports should just be configured separately with the enable-ssl and require-ssl flags just determining which ports are active (and the HTTPS port having a default value e.g. 5821).

Otherwise an intended change on the HTTP port forcefully leads to an unintended change in the HTTPS port (since it does not have a default value, but a calculated value). Also, a “standard” setup (e.g. 80/8080 for HTTP, 443/8443 for HTTPS) is not possible (at least without some system re-directing magic).

I would strongly recommend configuration properties to be as independent from each other as possible.
